• 0 Posts
  • 13 Comments
Joined 1 year ago
cake
Cake day: August 3rd, 2023

help-circle



  • I’m pretty sure I didn’t mess with systemd, though that would probably be the right way to handle it.

    I was able to update a runtime config so if any storage wasn’t available it just halted the service. Then I created a short script I’d invoke manually which decrypted the luks drives and brought the dependent services up. I also added monitoring to alert me when the drives weren’t available for whatever reason.


  • I use separate disks for data storage and my OS. That way a headless system can boot and all the services like SSH can become available, and I can decrypt the data drives remotely.

    When there’s an unexpected reboot I can still get into my system and decrypt remotely which is nice. I can also move the data storage disks to another system without too much hassle.

    I did have to make sure some services were fault tolerant if an encrypted volume was unavailable when the OS booted. An example of this might be torrenting software, I needed to make sure the temporary storage was on an encrypted volume. The software had a sane fault mode when the final storage location was unavailable, but freaked out for some reason when the temp storage was missing.

    Once set up the whole thing is pretty easy to manage.





  • I know this is a privacy community, but I’m not sure I’m onboard with the outrage on this particular one. If you rent/lease or go on a payment plan for the device you’re using, then it isn’t yours, it belongs to the entity you borrowed it from.

    If I don’t make car payments, the bank can repossess my ride. If I dont pay my mortgage or rent, I can be evicted by my landlord or bank.

    If I don’t make my phone payment, the company should have recourse to prevent me from using their device.

    This could open up the ability for bad actors to disable my device, and I agree that’s a horrible prospect. But the idea of a legitimate creditor using this feature to reclaim their property is not something I find shocking.